Wireless Ad-hoc Network under Black-hole Attack
Shree Om¹ and Mohammad Talib¹
¹Department of Computer Science, University of Botswana, Gaborone, Botswana.
[email protected] and [email protected]
ABSTRACT
A Wireless Ad-hoc Network is a temporary and decentralized type of wireless network. Because of security vulnerabilities in the routing protocols currently in use, this type of network is exposed to network-layer attacks. The Black-hole attack is one such attack and is a Denial-of-Service (DoS) attack. By its nature, the attack makes the source node send all its data packets to a Black-hole node, which ends up dropping all the packets. The aim of this paper is to shed light on the severe effects of a Black-hole attack in a Wireless Ad-hoc network and on the drawbacks of the security mechanisms being used to mitigate this attack.
KEYWORDS
Wireless Ad-hoc Network, Black-hole Attack, Ad-hoc On-demand Distance Vector
1 INTRODUCTION
The “ad-hoc” mode wireless architecture of 802.11 does not rely on any fixed infrastructure. All 802.11 nodes may be mobile; no node plays a specific role, and nodes do not rely on access points to communicate with each other. Applications of such networks include battlefield communications, interconnection of sensors in an industrial, commercial, or military setting, emergency response, etc. A node can be a laptop, personal digital assistant (PDA) or a pocket PC (PPC) equipped with 802.11 capability.
Attacks at the network layer of a wireless ad-hoc network usually harm the network either by not forwarding packets or by adding and changing parameters of routing messages, such as sequence numbers and IP addresses. The network layer of WMN defines how interconnected networks (inter-networks) function. Some of the attack types are:
i) Black-hole Attack: In this
attack, a malicious node uses the routing
protocol to advertise itself as having the
shortest path to the node whose packets it
wants to intercept.
In a flooding-based protocol, the attacker
listens to requests for routes. When the
attacker receives a request for a route to
the target node, the attacker creates a reply
consisting of an extremely short route. If
the malicious reply reaches the requesting
node before the reply from the actual
node, a forged route gets created. Once the
malicious device has been able to insert
itself between the communicating nodes, it
is able to drop the packets to perform a
denial-of-service attack [8].
ii) Sybil Attack: During this attack, a node assumes several node identities while using one physical device, obtained either by impersonating other nodes or by making use of false identities [4]. The attack can impact several services in ad-hoc networks, e.g., multipath routing and data aggregation.
International Journal of Digital Information and Wireless Communications (IJDIWC) 1(3): 591-596. The Society of Digital Information and Wireless Communications, 2011 (ISSN 2225-658X)
iii) Worm-hole Attack: This attack
requires the presence of two colluding
malicious nodes in the ad-hoc network. In this
attack, a malicious node captures packets
from one location and “tunnels” these
packets to the other malicious node, which
is assumed to be located at some distance.
The second malicious node is then
expected to replay the “tunnelled” packets
locally [4].
iv) Sleep Deprivation Attack: Usually,
this attack is practical only in ad hoc
networks where battery life is a critical
parameter. Battery-powered devices try to
conserve energy by transmitting only
when absolutely necessary. An attacker
can attempt to consume batteries by
requesting routes, or by forwarding
unnecessary packets to the node using, for
example, a black hole attack [8].
v) Routing Table Overflow: In this
attack, the attacker’s goal is to create
enough routes to prevent new routes from
being created or to overwhelm the
protocol implementation by creating
routes to non-existent nodes [8].
Our paper looks at the effect of the black-hole attack on packet delivery in a wireless ad-hoc network. Before we get into the description of the simulation results, we give a brief background on the black-hole attack and on vulnerabilities in the ad-hoc on-demand distance vector (AODV) routing protocol.
2 BACKGROUND
In this paper, we describe the operation of the black-hole attack using AODV as an example protocol.
A. Black Hole Attack
The black-hole attack is a DoS attack possible in wireless ad-hoc networks. In this attack, an attacker sends a false RREP packet to a source node that initiated a route discovery, posing as the destination node or as an immediate neighbour of the actual destination node. In such a case, the source node forwards all of its data packets, which were originally intended for the genuine destination, to the attacker. The attacker may never forward any of the data packets to the genuine destination. As a result, the source and destination nodes become unable to communicate with each other [14]. The attacker’s device will be referred to as a malicious node.
Since AODV treats RREP messages with a higher destination sequence number as fresher, the malicious node will always send an RREP with the highest possible destination sequence number. Such an RREP message, when received by the source node, is treated as fresh, too. The fallout is that there is a high probability of a malicious node attempting to orchestrate Black-hole attacks in AODV [9].
B. AODV Drawbacks
The AODV protocol, a pure on-demand data acquisition system, initiates a route discovery process when a source node (SN) wants to send traffic to an unknown destination node (DN). The SN broadcasts a Route Request (RREQ) to its neighbors, which broadcast it further to their neighbors until a node that has a fresh enough route to the DN is found [10]. The freshness of routes is ensured by the destination sequence number (DSN). Each node maintains its own sequence number for the intended destination, and an intermediate node can reply only if its destination sequence number is greater than or equal to that contained in the RREQ. The SN chooses the path from which it received the first route reply (RREP) for the transmission of data packets to the DN, and RREPs received afterwards are discarded [11].
Since AODV has no security mechanism to ensure that packets have reached the destination, malicious nodes can perform Black-hole attacks just by not behaving according to the AODV rules. There is no acknowledgement procedure and hence no validation. This paper highlights the severe effect that a Black-hole attack has on packet delivery in a wireless ad-hoc network and presents a possible solution.
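An added example, not code from the paper or from any cited work: a toy Python model of the RREP handling described in this section, showing how a reply claiming the highest possible DSN wins route selection and how a DSN plausibility check at the source sets it aside. The `max_jump` threshold, the node names and the sample replies are assumptions constructed for illustration, and 32-bit sequence-number wraparound is ignored.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class RREP:
    sender: str  # node that generated the reply
    dsn: int     # destination sequence number claimed in the reply
    hops: int    # claimed hop count to the destination


def is_fresher(new: RREP, cur: Optional[RREP]) -> bool:
    """Higher DSN is fresher; on an equal DSN prefer the shorter route."""
    if cur is None:
        return True
    return new.dsn > cur.dsn or (new.dsn == cur.dsn and new.hops < cur.hops)


def select_route(replies: List[RREP], rreq_dsn: int) -> Optional[RREP]:
    """Unprotected source node: process replies in arrival order, keep the freshest."""
    best = None
    for r in replies:
        # A reply is usable only if its DSN is >= the DSN carried in the RREQ.
        if r.dsn >= rreq_dsn and is_fresher(r, best):
            best = r
    return best


def select_route_checked(replies: List[RREP], rreq_dsn: int,
                         max_jump: int = 50) -> Tuple[Optional[RREP], List[RREP]]:
    """Same selection, after setting aside replies whose DSN is implausibly far
    ahead of the RREQ's DSN (hypothetical threshold heuristic, an assumption)."""
    suspects = [r for r in replies if r.dsn - rreq_dsn > max_jump]
    trusted = [r for r in replies if r.dsn - rreq_dsn <= max_jump]
    return select_route(trusted, rreq_dsn), suspects


# Constructed sample, in arrival order: node "M" answers first and claims the
# maximum 32-bit DSN with a one-hop route; "B" and "D" are honest replies.
RREQ_DSN = 120
SAMPLE = [
    RREP("M", 0xFFFFFFFF, 1),
    RREP("B", 124, 3),
    RREP("D", 126, 4),
]

if __name__ == "__main__":
    print("plain  :", select_route(SAMPLE, RREQ_DSN))
    route, suspects = select_route_checked(SAMPLE, RREQ_DSN)
    print("checked:", route, "| set aside:", [s.sender for s in suspects])
```

A fixed threshold is only a plausibility filter: a reply whose DSN stays within `max_jump` still passes, which is consistent with the paper's point that AODV itself offers no validation.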
3 RELATED WORK
AODV does not incorporate any specific
security mechanism, such as strong
authentication. Therefore, there is no
straightforward method to prevent
mischievous behaviour of a node such as
media access control (MAC) spoofing, IP
spoofing, dropping packets, or altering the
contents of the control packets.
The method proposed in [2] can help mitigate an attack by an individual node because it requires the intermediate node to include information about the next hop to the destination in the RREP packet. After the source node has received this packet, it sends a further route request (FREQ) to the next-hop node asking whether that node has a route to the destination. If this next-hop node is working together with the malicious node, it will reply “yes” to the FREQ, and the source node will transmit the packet to the malicious node that sent the first reply, which is a black-hole node.
[15] have presented a hierarchical secure routing protocol (HSRBH) for detecting and defending against black-hole attacks. It uses symmetric key cryptography to discover a safe route against the attacks. However, sharing a key among users can be risky.
An enhancement to the AODV protocol, called SAODV, is presented by [14] to avoid black-hole attacks. According to this proposed solution, the requesting node does not send the DATA packets to the replying node at once, but has to wait for other replies with next-hop details from the other neighbouring nodes. Hence, the mobile node, which is battery-powered, has to wait some time before a safe path is discovered, which consumes battery power.
[6] present an ANODR-based anomaly detection method. The proposed agent-based cooperative anomaly detection approach builds on a cluster-type architecture in which the whole network is logically divided into several clusters. Each cluster consists of one special node as the cluster head and several normal nodes as the cluster members. The intrusion detection feature information is propagated among neighbours, and the cluster head performs the anomaly detection for its local cluster. When an anomaly is found by the intrusion detector, the detection result is broadcast to the entire network.
An authentication mechanism based on the hash function, the Message Authentication Code (MAC), and the Pseudo Random Function (PRF) is proposed by [7] for black hole prevention on top of AODV. The simulation results show that the scheme provides fast message verification, identifies the black hole, and discovers a safe route that avoids the black hole attack. However, adding a mechanism on top of AODV will only make the communication establishment process longer, which would exhaust the battery power of mobile nodes.
[10] proposed a game-theoretic approach called AODV-Game Theoretic (AODV-GT), which is integrated into the reactive AODV to provide defence against black-hole attacks. AODV-GT is based on the concept of non-cooperative game theory.
4 PROBLEM STATEMENT
The black-hole attack is a severe DoS threat to routing protocols. It is accomplished by dropping packets, can easily be employed against routing in wireless ad-hoc networks, and has the effect of making the destination node unreachable or degrading communications in the network. Black holes are invisible and can only be detected by monitoring lost traffic. The emergence of new applications of these networks necessitates strong privacy protection and security mechanisms. AODV, our case-study protocol, does not have any security mechanisms, and malicious nodes can perform many attacks by taking advantage of the loopholes in the protocol. The next section presents simulation results from research works that show the devastating effect of the black-hole attack in wireless ad-hoc networks.
5 SIMULATION RESULTS
We have analyzed simulation results from different articles that injected black-hole nodes into wireless ad-hoc networks.
In Table 1, [3] have presented the results of simulating 20 nodes in a 750 X 750 meter flat space, with node 0 transmitting to node 1, node 2 transmitting to node 3, node 4 transmitting to node 5 and so on. Nodes 18 and 19 were used as black-hole nodes. Total simulation time was set to 500 seconds, and the constant bit rate (CBR) connections started at the first second of the scenario and lasted for 450 seconds. In their scenarios, the CBR parameters are set to packet sizes of 512 bytes and data rates of 10 kbps.
Table 1: Packet loss percentage with a single black-hole node (average of 100 scenarios) [3]
Results obtained by [1] are shown in Table 2. The simulation ran for 500 seconds with 20 nodes, one of which was a black-hole node, in a flat area of 750 X 750 meters using the AODV protocol with packet sizes of 512 bytes and a data rate of 10 Kbits. The simulation results show that data loss increased by approximately 86.88%.
Table 2: Simulation results with one black-hole node [1]
The network simulated by [13] consisted of 40 randomly allocated wireless nodes in a 1500 by 1500 square meter flat space. The node transmission range is 250 m. The random waypoint model was used for scenarios with node mobility. The selected pause time is 30 s. CBR parameters are set to packet sizes of 512 bytes. Out of 40 nodes, nodes 1-27 and 29-40 were simple nodes, and node 28 was a malicious node or black-hole node. The impact of the presence of a black-hole node in the network is presented in Fig. 1. Due to the effect of the black-hole attack, the packet delivery ratio decreased to 92%.
Fig. 1: Impact of Black-hole attack on packet delivery ratio [13]
In Fig. 2, [12] have presented their simulation results. The simulation parameters were 500 X 500 meters of flat space, with the number of nodes increasing in tens, and a packet rate of 4 packets per second. The routing protocol was AODV and the simulation duration was 200 seconds. The results show that the packet delivery ratio decreases gradually when there is a large number of nodes.
Fig. 2: Packet delivery ratio under black-hole attack [12]
Using 46 nodes, a network size of 600 X 600 meters, a simulation duration of 600 seconds, the OPNET simulator and the AODV protocol, [5] have presented their results in Fig. 3. The average packet delivery ratio when one black-hole node is present is found to be 0.3525, compared to 0.8578 when black-hole nodes are absent.
Fig. 3: Packet delivery ratio with one black-hole node present [5]
6 CONCLUSION
Wireless Ad-hoc networks make it possible to deploy a network where a traditional network infrastructure cannot be deployed. With developments in computing environments, services based on ad hoc networks have increased. Although many solutions for black-hole attack mitigation have been proposed, these solutions are still not perfect in terms of effectiveness and efficiency. In our study we analyzed the results of various simulations that ran black-hole attacks in wireless ad-hoc networks and the effect of this attack on packet delivery. Based on our research and analysis, we conclude that the drop rate of packets is very high when a black-hole node is present in the network and that the detection of black-hole nodes in ad hoc networks is still considered a challenging task.
7 FUTURE WORK
Wireless Ad hoc networks are widely used because of their flexible nature, i.e. they are easy to deploy regardless of geographic constraints. They are exposed to both external and internal attacks, as there is no centralized security mechanism. In this paper we have described the black-hole attack, which can be carried out against wireless ad-hoc networks with ease, and its devastating effects on packet delivery. Currently, simulations are underway for a possible solution to this attack, which we intend to present in the near future.
8 REFERENCES
1. Bala, A., Kumari, R., Singh, J.: Investigation of Blackhole attack on AODV in MANET. Journal of Emerging Technologies in Web Intelligence, 2(2), 96-100 (2010)
2. Deng, H., Li, W., Agarwal, P. D.: Routing Security in Wireless Ad-hoc Networks. IEEE Communications Magazine, 40(10), 70-75 (2002)
3. Dokurer, S., Erten, M. Y., Akar, E. C.: Performance analysis of ad-hoc networks under black hole attacks. In: IEEE SoutheastCon, pp. 148-153, Richmond, USA (2007)
4. Douceur, J.: The Sybil Attack. In: 1st International Workshop on Peer-to-Peer Systems (IPTPS), pp. 251-260. Cambridge (2002)
5. Esmaili, A. H., Khalili Soja, R. M., Ghraee, H.: Performance Analysis of AODV under Black Hole Attack through Use of OPNET Simulator. World of Computer Science and Information Technology Journal, 1(2), 49-52 (2011)
6. Kumar, S. M., Selvarajan, S., Balu, S.: ANODR Based Anomaly Detection for Black Hole and Route Disrupt Attacks. In: International Conference on Computing, Communication and Networking, pp. 1-5, St. Thomas, Virginia, USA (2008)
7. Luo, J., Fan, M., Ye, D.: Black Hole Attack Prevention Based on Authentication Mechanism. In: 11th IEEE Singapore International Conference on Communication Systems (ICCS 2008), pp. 173-177, Guangzhou, China (2008)
8. Mishra, A.: Security and Quality of Service in Ad Hoc Wireless Networks. Cambridge University Press, New York (2008)
9. Mistry, N., Jinwala, C. D., Zaveri, M.: Improving AODV protocol against Blackhole Attacks. In: International MultiConference of Engineers and Computer Scientists (IMECS’10), pp. 1034-1039, Hong Kong (2010)
10. Panaousis A. E., Politis, C.: A Game Theoretic Approach for Securing AODV in Emergency Mobile Ad Hoc Networks. In: IEEE 34th Conference on Local Computer Networks (LCN 2009), pp. 985-992, Zurich, Switzerland (2009)
11. Ramaswami, S.S., Upadhyaya, S.: Smart Handling of Colluding Black Hole Attacks in MANETs and Wireless Sensor Networks using Multipath Routing. In: IEEE Workshop on Information Assurance, pp. 253-260, New York, USA (2006)
12. Saini, A., Kumr, H.: Effect of Black Hole Attack on AODV Routing Protocol in MANET. International Journal on Computer Science and Technology, 1(2), 57-60 (2010)
13. Sharma, S., Gupta, R.: Simulation Study of Blackhole Attack in the Mobile Ad Hoc Networks. Journal of Engineering Science and Technology, 4(2), 243-250 (2009)
14. Tamilselvan, L., Sankarnarayanan, V.: Prevention of Blackhole Attack in MANET. In: 2nd International Conference on Wireless Broadband and Ultraband Communications, pp. 21, Sydney, Australia (2007)
15. Yin, J., Madria, S.: A Hierarchical Secure Routing Protocol against Black hole Attacks in Sensor Networks. In: IEEE International Conference on Sensor Networks, Ubiquitous and Trustworthy Computing, pp. 8, Taichung, Taiwan (2006)